MI5 has produced an app to help government officials, military contractors, technology specialists and other likely targets of hostile states to identify fake profiles, foreign spies and malicious actors.
The app will vet suspicious profiles and alert users if their contacts bear the hallmarks of espionage activity by a hostile state. It allows users to check whether profile pictures from social media and networking sites such as LinkedIn are stock images used widely across the internet.
The app, part of the Think Before You Link campaign launched across the civil service, also helps users assess the veracity of profiles on social medial platforms according to an individuals’ purported job role and company.
Developed with behavioural scientists, it will help Britons identify potentially fake profiles and report anything they deem suspicious. It has been produced by the National Protective Security Authority (NPSA), the protective security arm of MI5.
MI5 has been proactive in recent years about raising alarm about hostile states, particular China, who are using LinkedIn and other social media platforms to target British interests.
In 2021 Ken McCallum, MI5’s director-general, warned that more than 10,000 British officials and other nationals with access to classified or sensitive information had been targeted for recruitment by hostile states. He did not specifically name China but it is understood that Robin Zhang, the pseudonym for the spy exposed by The Times today, and his team at Beijing’s main spy agency, are considered responsible for the vast majority.
This year McCallum warned that universities were “magnetic targets for espionage and manipulation”, as he compared the global scientific race to the Cold War.
McCallum said that hostile actors were stealing British research with “dispiriting regularity” and urged students to be extremely cautious to avoid passing secrets to China, Russia and Iran.
MI5’s Think before you Link campaign was launched two years ago and aims to make academics, as well as government, security and business offiicals, alert to the dangers posed by hostile states.
It has urged potential targets to take greater care online and not to advertise sensitive job roles from their past. They have been been specifically warned to look out for fake companies approaching them and recruiters who are overly flattering and try to secure meetings abroad.
The government is keener than ever to emphasise the threat because the new National Security Act, which became law last month, contains much tougher powers to prosecute those who pass information to hostile states.
Spies and police had repeatedly said that the Official Secrets Act, primarily designed to counter the First World War threat, was no longer fit for purpose and meant it was virtually impossible to prosecute anyone for espionage. The updated legislation includes new offences of assisting a foreign intelligence service and of disclosing trade secrets.
McCallum had previously warned that foreign spies were creating fake profiles online and using them on an “industrial scale” to try to steal state secrets from unwitting targets.
The Think Before You Link app gives courses on online protection of personal information, how to report suspicious profiles and the types of behaviour to look out for. It warns that spies for hostile states carry out online approaches that work in a similar way to romance and financial fraud, in that the target becomes “psychologically invested”. It warns Britons not to fall for flattery.
The app also allows users to upload profile pictures from any suspicious profiles and check if they are stock images or fakes.
The NPSA emphasises it is not just people in highly classified roles and sensitive positions who are vulnerable. It says that individuals in more generic roles might still hold valuable intelligence and that “seemingly mundane info can help a foreign intel service build up a pic of an adversary”.
It uses the example of a security officer at an important site. They might not have direct access to highly sensitive materials — but may have patrol schedules, business continuity arrangements, staff contact details and wi-fi passwords. They could also have information on restricted areas and how to access them, and how to disarm alarms — all useful to adversaries.
(Source: The Times)